[openpgp] Secret key checksum
Stephen Paul Weber <singpolyma@singpolyma.net> Thu, 03 January 2013 16:54 UTC
Encrypted secret keys can be protected with SHA1 or with a two-octet checksum. Unencrypted secret keys can only be protected with a two-octet checksum.

What is the intended purpose of this integrity protection? What are the security issues with using the weaker checksum over SHA1? Are these security issues not present on an unencrypted secret key?

--
Stephen Paul Weber, @singpolyma
See <http://singpolyma.net> for how I prefer to be contacted
edition right joseph
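An added illustration, not part of the original message: the two integrity trailers the message refers to, computed as RFC 4880 section 5.5.3 defines them over the plaintext secret-key MPIs. The function names and the sample MPIs are constructed for this example; it shows a changed key value that leaves the two-octet checksum intact while the SHA-1 trailer no longer matches.

```python
import hashlib


def mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: two-octet bit count, then big-endian value."""
    bits = n.bit_length()
    return bits.to_bytes(2, "big") + n.to_bytes((bits + 7) // 8, "big")


def checksum16(plaintext: bytes) -> bytes:
    """Two-octet trailer (S2K usage octet 0 or 255): sum of all octets mod 65536."""
    return (sum(plaintext) % 65536).to_bytes(2, "big")


def sha1_trailer(plaintext: bytes) -> bytes:
    """20-octet trailer (S2K usage octet 254): SHA-1 of the plaintext MPIs."""
    return hashlib.sha1(plaintext).digest()


def trailer_ok(plaintext: bytes, trailer: bytes) -> bool:
    """Check a stored trailer against the key material, picking the scheme by length."""
    if len(trailer) == 2:
        return checksum16(plaintext) == trailer
    if len(trailer) == 20:
        return sha1_trailer(plaintext) == trailer
    raise ValueError("trailer must be 2 or 20 octets")


def transpose(data: bytes, i: int, j: int) -> bytes:
    """Return a copy of data with octets i and j exchanged (simulated corruption)."""
    out = bytearray(data)
    out[i], out[j] = out[j], out[i]
    return bytes(out)


# Constructed sample: two small integers standing in for secret-key MPIs.
ORIGINAL = mpi(0x0123456789ABCDEF) + mpi(0xFEDCBA98)
# Exchange two value octets inside the first MPI; the bit-count header stays valid.
MODIFIED = transpose(ORIGINAL, 3, 4)

if __name__ == "__main__":
    for name, trailer in (("checksum16", checksum16(ORIGINAL)),
                          ("sha1", sha1_trailer(ORIGINAL))):
        print(name, "accepts original:", trailer_ok(ORIGINAL, trailer),
              "| accepts modified:", trailer_ok(MODIFIED, trailer))
```

The additive checksum depends only on the multiset of octets, so any reordering, or any pair of changes that cancel in the sum, passes it; it catches accidental damage such as a wrong passphrase producing garbage, not deliberate modification.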